Cyber Extortion: Is Your Business Software At Risk?

2017 looks set to be the year of global ransomware attacks – a type of malware that blocks access to a computer and demands money to release it. In recent months, cyberattacks named ‘WannaCry’ and ‘Petya’ have infected hundreds of thousands of computers across the world, hitting large organizations such as Britain’s National Health Service (NHS), Russian steel and oil firms Evraz and Rosneft, and Pittsburg’s Heritage Valley Health System.

Ransomware is a growing risk

Both WannaCry and Petya targeted vulnerabilities in Microsoft Windows operating systems called EternalBlue. In doing so, these campaigns of cyber extortion have emphasized growing concerns that a huge number of businesses rely on software that is at risk from aggressive hackers. With most security experts predicting more attacks to come, companies that don’t act now run a greater risk of exposure to threats.

Unpatched, outdated systems are a ticking time bomb

The EternalBlue flaw in Windows was first revealed in March this year. Although Microsoft issued a patch almost immediately to protect current versions of the software, the company didn’t release a patch for older systems such as XP until after WannaCry struck, despite the fact an estimated 7 percent of the world’s PCs still run on the software.

The huge number of outdated, unpatched systems should act as a wake-up call for businesses to put better security measures in place. Unfortunately, there are still a lot of businesses that don’t receive adequate support and don’t realize they are in possession of a vulnerable system that needs patching.

Ransomware attacks strengthen the case for cloud migration

Putting your business’ critical systems in the cloud eliminates the ticking time bomb presented in outdated systems. Software as a Service and managed cloud providers continuously update systems. This simplifies operations, reduces failures and minimizes vulnerabilities. Beyond automatic patching, hosting systems in the cloud also provides other security benefits. At NewVoiceMedia, for example, we are constantly working to improve the robustness of our cloud-based contact center service, and are ISO27001 certified with externally audited Level 1 PCI DSS compliance.

Proactive threat detection

When using the services of a cloud provider, businesses get to enjoy the benefit of a centralized monitoring system. Put simply, this means that security incidents are quickly detected and managed on a proactive rather than reactive basis. Cloud providers also have dedicated security experts on hand, which means they are better equipped for crisis management than most businesses.

Improved disaster recovery capabilities

In the event of an attack, cloud systems offer more robust disaster recovery options than traditional applications. Cloud computing puts your entire IT infrastructure onto a managed environment than can span multiple geographic regions. If one region gets hit, this means you can shift everything from one data center to another in a matter of minutes, ensuring maximum continuity.

Final thoughts

As our economy gets ever more reliant on digital technology, businesses cannot afford to get complacent about cybersecurity. At present, many businesses don’t have the capacity or expertise to take full responsibility for data security. However, in a lot of these cases, migrating to the cloud will provide the support needed to prevent ransomware attacks and other unforeseen threats.

About the Author

Ashely Unitt, co-founder and chief scientist at NewVoiceMedia, has more than 20 years’ experience in developing advanced messaging software. He leads NVM’s architecture and research teams, and heads up NVM Labs.